const utils = require("@strapi/utils");

const _ = require("lodash");
const { sanitize } = utils;
const { ApplicationError, ValidationError } = utils.errors;
const {
  validateRegisterBody,
} = require("@strapi/plugin-users-permissions/server/controllers/validation/auth");
const { getService } = require("@strapi/plugin-users-permissions/server/utils");

const sanitizeUser = (user, ctx) => {
  const { auth } = ctx.state;
  const userSchema = strapi.getModel("plugin::users-permissions.user");

  return sanitize.contentAPI.output(user, userSchema, { auth });
};

const userPermissionExtension = (plugin) => {
  /** Example of overriding and adding a new endpoint, check the section where we have registered this as a route below. */
  plugin.controllers.user.updateMe = (ctx) => {
    ctx.params.id = ctx.state.user.id;
    return plugin.controllers.user.update(ctx);
  };

  /** Example of overriding an existing route. */
  plugin.controllers.auth.register = async (ctx) => {
    // console.log(ctx.request.body);
    const pluginStore = await strapi.store({
      type: "plugin",
      name: "users-permissions",
    });
    const settings = await pluginStore.get({ key: "advanced" });
    // console.log("settings", settings);
    if (!settings.allow_register) {
      throw new ApplicationError("Register action is currently disabled");
    }
    // console.log("here");
    const params = {
      ..._.omit(ctx.request.body, [
        "confirmed",
        "blocked",
        "resetPasswordToken",
        "provider",
      ]),
      provider: "local",
    };
    // console.log("email", params);

    await validateRegisterBody(params);
    console.log("params", params);
    console.log("ctx.request.body", ctx.request.body);
    const newUserRole = params?.role ? params?.role : settings.default_role;
    const role = await strapi
      .query("plugin::users-permissions.role")
      .findOne({ where: { name: newUserRole } });
    // console.log("role vendor", role);
    if (!role) {
      throw new ApplicationError("Please find a valid user role.");
    }

    const { email, username, provider, phone } = params;
    const identifierFilter = {
      $or: [
        { email: email },
        { username: email },
        { username },
        { email: username },
        {phone: phone}
      ],
    };
    const conflictingUserCount = await strapi
      .query("plugin::users-permissions.user")
      .count({
        where: { ...identifierFilter, provider },
      });

    if (conflictingUserCount > 0) {
      return ctx.send({
        status: "fail",
        message: "Email or phone number already taken.",
      });
    }

    if (settings.unique_email) {
      const conflictingUserCount = await strapi
        .query("plugin::users-permissions.user")
        .count({
          where: { ...identifierFilter },
        });

      if (conflictingUserCount > 0) {
        return ctx.send({
          status: "fail",
          message: "Email or phone number already taken.",
        });
      }
    }

    let newUser = {
      ...params,
      role: role.id,
      email: email,
      username,
      confirmed: false,
      phone: phone
    };

    const user = await strapi
      .plugin("users-permissions")
      .service("user")
      .add(newUser);

    const sanitizedUser = await sanitizeUser(user, ctx);

    if (settings.email_confirmation) {
      try {
        await strapi
          .plugin("users-permissions")
          .service("user")
          .sendConfirmationEmail(sanitizedUser);
      } catch (err) {
        throw new ApplicationError(err.message);
      }

      return ctx.send({ user: sanitizedUser });
    }

    const jwt = strapi
      .plugin("users-permissions")
      .service("jwt")
      .issue(_.pick(user, ["id"]));

    return ctx.send({
      jwt,
      user: sanitizedUser,
    });
  };

  /** Endpoint used to allow edits on a user done by currently logged in user only their own record. */
  plugin.routes["content-api"].routes.push({
    method: "PUT",
    path: "/users/me",
    handler: "user.updateMe",
  });

  /** Endpoints used to facilitate channel partner login with otp */

  /** Endpoints used to facilitate end user login with otp */

  return plugin;
};

module.exports = userPermissionExtension;